﻿<?php
session_start();
echo '<body bgcolor="#009900"><center><h2>删除文件</h2>';
if(isset($_SESSION["user"])==false){
	header("location:../login.php");
	exit;
}
$user=$_SESSION["user"];
if(isset($_SESSION["dir"])==false){
	header("location:index.php");
	exit;
}
$dir=$_SESSION["dir"];
$name1=$_POST["name1"];
$name2=$_POST["name2"];
$name1=str_ireplace(";","isnot",$name1);
$name1=str_ireplace("..","isnot",$name1);
$name2=str_ireplace(";","isnot",$name2);
$name2=str_ireplace("..","isnot",$name2);
if(stripos($name2,"php")||stripos($name2,"jsp")||stripos($name2,"asp")||stripos($name2,"asa")){
	header("location:index.php?dir=$dir");
	exit;
}
rename("$user/$dir/$name1","$user/$dir/$name2");

$file=fopen("../log.txt","a");
include '../lib/time.php';
fwrite($file,"\r\n" . $time . ":'$user' in '$dir' rename the folder - from '$name1' to '$name2'.");


header("location:index.php?dir=$dir");
exit;
?>